Patents by Inventor Sarvar Patel
Sarvar Patel has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20210182261Abstract: A method for providing encrypted search includes receiving, at a user device associated with a user, a search query for a keyword that appears in one or more encrypted documents stored on an untrusted storage device and accessing a count table to obtain a count of documents that include the keyword. The method also includes generating a delegatable pseudorandom function (DPRF) based on the keyword, a private cryptographic key, and the count of documents. The method also includes evaluating a first portion of the DPRF and delegating a remaining second portion of the DPRF to the untrusted storage device which causes the untrusted storage device to evaluate the DPRF and access an encrypted search index associated with the documents. The untrusted storage device determines one or more encrypted documents associated with DPRF and returns, to the user device, an identifier for each encrypted document associated with the DPRF.Type: ApplicationFiled: December 12, 2019Publication date: June 17, 2021Applicant: Google LLCInventors: Kevin Yeo, Ahmet Erhan Nergiz, Nicolas Lidzborski, Laetitia Estelle Baudoin, Sarvar Patel
-
Publication number: 20210184840Abstract: A method for searchable encryption with a public key includes receiving an operation request front a user device associated with a user requesting that encryption of data associated with the user. The data includes a corpus of documents stored on a remote storage device. The method also includes receiving a public key associated with the user. The public key includes an asymmetric cryptographic public key. The method also includes generating a random data key. The data key includes a symmetric cryptographic key. The method also includes encrypting, using the data key, a search index for the corpus of documents based on keywords within the corpus of documents. The method also includes encrypting, using the public key, the data key and sending the encrypted data key to a user device associated with the user.Type: ApplicationFiled: December 12, 2019Publication date: June 17, 2021Applicant: Google LLCInventors: Kevin Yeo, Sarvar Patel
-
Publication number: 20210182408Abstract: A method for providing an encrypted search system includes receiving a search query for a keyword that appears in one or more encrypted emails stored on an untrusted storage device and accessing, a count table to obtain a count of unique emails within the emails that include the keyword. The method also includes generating a delegatable pseudorandom function (DPRF) based on the keyword, a private cryptographic key, and the count of unique emails that include the keyword and delegating at least a portion of the DPRF to the untrusted storage device that causes the storage device to evaluate the delegated DPRF, access an encrypted search index associated with the emails, and determine one or more encrypted emails associated with the delegated DPRF based on the encrypted search index. The storage device also returns, to the user device, an identifier for each encrypted email associated with the delegated DPRF.Type: ApplicationFiled: December 13, 2019Publication date: June 17, 2021Applicant: Google LLCInventors: Kevin Yeo, Ahmet Erhan Nergiz, Laetitia Estelle Baudoin, Nicolas Lidzborski, Sarvar Patel
-
Patent number: 11023168Abstract: A method includes executing an instruction to execute a query for a data block, the data block associated with a corresponding memory level of a logarithmic number of memory levels (li) of memory, each memory level (li) including physical memory (RAMi) residing on memory hardware of a distributed system. The method also includes retrieving a value associated with the data block from an oblivious hash table using a corresponding key, and extracting un-queried key value pairs from the oblivious hash table associated with un-queried data blocks after executing a threshold number of queries for data blocks. The method also includes a multi-array shuffle routine on the extracted key value pairs from the oblivious hash table to generate an output array containing the un-queried key value pairs.Type: GrantFiled: March 26, 2019Date of Patent: June 1, 2021Assignee: Google LLCInventors: Kevin Yeo, Sarvar Patel, Giuseppe Persiano, Mariana Raykova
-
Patent number: 11005654Abstract: A method for outsourcing exponentiation in a private group includes executing a query instruction to retrieve a query element stored on an untrusted server by selecting a prime factorization of two or more prime numbers of a modulus associated with the query element stored on the server, obtaining a group element configured to generate a respective one of the prime numbers, generating a series of base values using the prime factorization and the group element, and transmitting the series of base values from the client device to the server. The server is configured to determine an exponentiation of the group element with an exponent stored on the server using the series of base values. The method also includes receiving a result from the server based on the exponentiation of the group element with the exponent.Type: GrantFiled: May 14, 2019Date of Patent: May 11, 2021Assignee: Google LLCInventors: Kevin Yeo, Sarvar Patel, Phillipp Schoppmann
-
Publication number: 20200389298Abstract: Systems and methods may be used for establishing a link between user identifiers of different systems without disclosing specific user identifying information. One method includes generating a matching relationship based on double encrypted one or more first data sets of a first party system and double encrypted one or more second data sets of a second party system. The matching relationship indicates one or more links between match keys associated with the first party system and the match keys associated with the third party system. The method includes assigning bridge identifiers for user identifiers associated with the first party system and the user identifiers associated with the third party system based on the matching relationship.Type: ApplicationFiled: August 25, 2020Publication date: December 10, 2020Applicant: Google LLCInventors: Shobhit Saxena, Benjamin Kreuter, Sarvar Patel, Karn Seth
-
Publication number: 20200387615Abstract: A method executing an instruction (300) to execute a query (q) for a data block (102) and determining whether the data block is stored in a block stash (370). When the data block is stored in the block stash during a download phase, the method includes removing the data block from the block stash, sending a fake query (304) to a distributed system (140) to retrieve a random data block stored in memory (114) of a distributed system (140), and discarding the random data block. When a current version of the data block is stored in the block stash during an overwrite phase, the method includes sending a fake query to the distributed system to retrieve another random data block stored in the memory of the distributed system, decrypting and re-encrypting the random data block with fresh randomness, and re-uploading the re-encrypted random data block onto the distributed system.Type: ApplicationFiled: January 12, 2018Publication date: December 10, 2020Applicant: Google LLCInventors: Kevin Yeo, Sarvar Patel, Giuseppe Persiano
-
Publication number: 20200366482Abstract: A method for outsourcing exponentiation in a private group includes executing a query instruction to retrieve a query element stored on an untrusted server by selecting a prime factorization of two or more prime numbers of a modulus associated with the query element stored on the server, obtaining a group element configured to generate a respective one of the prime numbers, generating a series of base values using the prime factorization and the group element, and transmitting the series of base values from the client device to the server. The server is configured to determine an exponentiation of the group element with an exponent stored on the server using the series of base values. The method also includes receiving a result from the server based on the exponentiation of the group element with the exponent.Type: ApplicationFiled: May 14, 2019Publication date: November 19, 2020Applicant: Google LLCInventors: Kevin Yeo, Sarvar Patel, Phillipp Schoppmann
-
Publication number: 20200358610Abstract: A method includes obtaining a plaintext query that includes a sequence of plaintext integers and generating a polynomial having coefficients that include the sequence of plaintext integers of the plaintext query. The method also includes encrypting the polynomial using a secret encryption key and transmitting the encrypted polynomial to a server. The secret encryption key is randomly sampled from a ciphertext space and the server is configured to expand the encrypted polynomial using a public encryption key to obtain a sequence of encrypted integers corresponding to the sequence of plaintext integers. The method also includes receiving an encrypted result from the server. The encrypted result is based on the sequence of encrypted integers.Type: ApplicationFiled: December 3, 2019Publication date: November 12, 2020Applicant: Google LLCInventors: Kevin Yeo, Asra Ali, Tancrede Lepoint, Sarvar Patel
-
Publication number: 20200342118Abstract: A method for providing response-hiding searchable encryption includes receiving a search query for a keyword from a user device associated with a user. The keyword appears in one or more encrypted documents within a corpus of encrypted documents stored on an untrusted storage device. The method also includes accessing a document oblivious key-value storage (OKVS) to obtain a list of document identifiers associated with the keyword. Each document identifier in the list of document identifiers associated with a respective keyword identifier is concatenated with the keyword and uniquely identifies a respective one of the one or more encrypted documents that the keyword appears in. The method also includes returning the list of document identifiers obtained from the document OKVS to the user device.Type: ApplicationFiled: December 16, 2019Publication date: October 29, 2020Applicant: Google LLCInventors: Kevin Yeo, Sarvar Patel, Giuseppe Persiano
-
Patent number: 10764041Abstract: Systems and methods may be used for establishing a link between user identifiers of different systems without disclosing specific user identifying information. One method includes generating a matching relationship based on double encrypted one or more first data sets of a first party system and double encrypted one or more second data sets of a second party system. The matching relationship indicates one or more links between match keys associated with the first party system and the match keys associated with the third party system. The method includes assigning bridge identifiers for user identifiers associated with the first party system and the user identifiers associated with the third party system based on the matching relationship.Type: GrantFiled: December 14, 2017Date of Patent: September 1, 2020Assignee: Google LLCInventors: Shobhit Saxena, Benjamin Kreuter, Sarvar Patel, Karn Seth
-
Publication number: 20200175192Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.Type: ApplicationFiled: February 4, 2020Publication date: June 4, 2020Applicant: Google LLCInventors: Kevin Yeo, Sarvar Patel, Giuseppe Persiano
-
Patent number: 10592685Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.Type: GrantFiled: January 24, 2018Date of Patent: March 17, 2020Assignee: Google LLCInventors: Kevin Yeo, Sarvar Patel, Giuseppe Persiano
-
Patent number: 10558817Abstract: A method for linking user identifiers. The method includes receiving, by a linking server and from a company server, a first data structure comprising entries. Each entry comprising a user tag, a first hashed user information, and a second hashed user information. The method includes receiving, by a linking server and from a partner server, a second data structure comprising entries. Each entry comprising a bridge tag, a first hashed bridge information, and a second hashed bridge information. The method includes retrieving, by the linking server and from the first data structure, a first entry of the entries and retrieving, by the linking server and from the second data structure, a first entry of the entries. The method includes linking the user tag of the first entry of the first data structure to the bridge tag of the first entry of the second data structure to generate a first linkage.Type: GrantFiled: January 30, 2017Date of Patent: February 11, 2020Assignee: Foley & Lardner LLPInventors: Vinay Goel, Philip Mcdonnell, Sachin Kulkarni, Anshul Gupta, Shobhit Saxena, Patrick McDonald, Thai Duong, Mihaela Ion, Benjamin Kreuter, Sarvar Patel, Karn Seth
-
Publication number: 20190310799Abstract: A method includes executing an instruction to execute a query for a data block, the data block associated with a corresponding memory level of a logarithmic number of memory levels (li) of memory, each memory level (li) including physical memory (RAMi) residing on memory hardware of a distributed system. The method also includes retrieving a value associated with the data block from an oblivious hash table using a corresponding key, and extracting un-queried key value pairs from the oblivious hash table associated with un-queried data blocks after executing a threshold number of queries for data blocks. The method also includes a multi-array shuffle routine on the extracted key value pairs from the oblivious hash table to generate an output array containing the un-queried key value pairs.Type: ApplicationFiled: March 26, 2019Publication date: October 10, 2019Applicant: Google LLCInventors: Kevin Yeo, Sarvar Patel, Giuseppe Persiano, Mariana Raykova
-
Publication number: 20180314847Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.Type: ApplicationFiled: January 24, 2018Publication date: November 1, 2018Applicant: Google LLCInventors: Kevin Yeo, Sarvar Patel, Giuseppe Persiano
-
Publication number: 20180254893Abstract: Systems and methods may be used for establishing a link between user identifiers of different systems without disclosing specific user identifying information. One method includes generating a matching relationship based on double encrypted one or more first data sets of a first party system and double encrypted one or more second data sets of a second party system. The matching relationship indicates one or more links between match keys associated with the first party system and the match keys associated with the third party system. The method includes assigning bridge identifiers for user identifiers associated with the first party system and the user identifiers associated with the third party system based on the matching relationship.Type: ApplicationFiled: December 14, 2017Publication date: September 6, 2018Applicant: Google LLCInventors: Shobhit Saxena, Benjamin Kreuter, Sarvar Patel, Karn Seth
-
Publication number: 20180218168Abstract: A method for linking user identifiers. The method includes receiving, by a linking server and from a company server, a first data structure comprising entries. Each entry comprising a user tag, a first hashed user information, and a second hashed user information. The method includes receiving, by a linking server and from a partner server, a second data structure comprising entries. Each entry comprising a bridge tag, a first hashed bridge information, and a second hashed bridge information. The method includes retrieving, by the linking server and from the first data structure, a first entry of the entries and retrieving, by the linking server and from the second data structure, a first entry of the entries. The method includes linking the user tag of the first entry of the first data structure to the bridge tag of the first entry of the second data structure to generate a first linkage.Type: ApplicationFiled: January 30, 2017Publication date: August 2, 2018Inventors: Vinay Goel, Philip Mcdonnell, Sachin Kulkarni, Anshul Gupta, Shobhit Saxena, Patrick McDonald, Thai Duong, Mihaela Ion, Benjamin Kreuter, Sarvar Patel, Karn Seth
-
Patent number: 9847871Abstract: Systems and methods for a multiple value packing scheme for homomorphic encryption are described, including at a server, generating a plurality of encrypted payloads, each having a plurality of data values; and at a client, receiving each of the encrypted payloads having the plurality of data values; and multiplying one or more of the data values of one of the encrypted payloads by one or more other data values in one or more of the other encrypted payloads, to generate a product that represents the summation of data values corresponding to the multiplied one or more data values of the encrypted payloads and the one or more of the other data values in the one or more other encrypted payloads.Type: GrantFiled: December 16, 2016Date of Patent: December 19, 2017Assignee: GOOGLE LLCInventors: Sarvar Patel, Marcel M. M. Yung
-
Publication number: 20170149558Abstract: Systems and methods for a multiple value packing scheme for homomorphic encryption are described, including at a server, generating a plurality of encrypted payloads, each having a plurality of data values; and at a client, receiving each of the encrypted payloads having the plurality of data values; and multiplying one or more of the data values of one of the encrypted payloads by one or more other data values in one or more of the other encrypted payloads, to generate a product that represents the summation of data values corresponding to the multiplied one or more data values of the encrypted payloads and the one or more of the other data values in the one or more other encrypted payloads.Type: ApplicationFiled: December 16, 2016Publication date: May 25, 2017Inventors: Sarvar Patel, Marcel M.M. Yung